Public Key Authority Vs. Certificate Authority

Certificate Authorities provide an additional layer of security over Public Key Authorities.Fotolia.com"> Public Key Authorities, also known as Public Key Infrastructures (PKI), are the means by which transmitted data is encrypted in Internet communications. Although messages may be safely sent through a PKI, a Certificate Authority (CA) insures that the Public Key is authentic.
CyptographyCommunication in a Public Key system is asymmetric, meaning the sender and receiver do not need a common key to send encrypted messages. The sender needs to know the receiver's public key in order to send the message. For communication to remain private, however, the receiver needs to keep the sender's private key confidential.TrustBecause of asymmetric encryption, communication in a PKI should be secure. Problems arise when individuals or companies misrepresent themselves by assuming false identities, thus allowing confidential information to fall into the wrong hands.Certificate AuthorityCertificate Authorities are trusted third parties that verify identities of websites holding Public Keys. The certificates issued contain names, addresses, phone numbers and other verifiable information, to determine whether the entity is real. Different vetting requirements are dependent on the type of certificate issued. Some certificates issued provide an additional encryption called a Secure Socket Layer (SSL) that makes communication more secure. Without a CA, one would have to verify the identity of a Public Key by offline means. References Globus.org: Public Key Authority Globus.org: Certificates and Certificate Authorities TopBits.com: Certificate Authority Best Internet Security: Public Key Infrastructure, Certificate Authority and Its Role in PKI